What’s Microsoft Azure?
Microsoft Azure, commonly referred to as Azure, is a cloud computing service created by Microsoft for building, testing, deploying, and managing applications and services through Microsoft-managed data centers. Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-you-go pricing. Instead of buying, owning, and maintaining physical data centers and servers, organizations can access technology services, such as computing power, storage, and databases, on an as-needed basis from a cloud provider like Azure.
Does Azure approve providing third-party applications like ByteChek accessing my Azure subscription?
Yes. Azure has developed a way for SaaS applications like ByteChek to integrate with your Azure subscription. When you integrate your Azure subscription with ByteChek you will register an application in the Azure portal so the Microsoft identity platform can provide authentication and authorization services for ByteChek.
The Microsoft identity platform performs identity and access management (IAM) only for registered applications. When you register ByteChek with your Azure subscription, it establishes a trust relationship between ByteChek and the Microsoft identity platform.
Why does ByteChek need to connect to my Azure subscription?
Because we are cloud security experts and don’t think it makes sense to request manual evidence from cloud environments. ByteChek connects directly to your Azure infrastructure to ensure your organization’s cloud environment is in alignment with security best practices, regulations, and frameworks such as SOC 2, ISO 27001, and HIPAA. This integration allows the ByteChek application to continuously collect the evidence needed for cybersecurity assessments, allowing your team to focus on building your applications and not audits. Our Azure integration allows us to go above and beyond a traditional SOC 2 examination, producing a security-focused SOC 2 that differentiates you from your competitors.
How does ByteChek connect to your Azure subscription?
Utilizing the Azure recommended configuration for provisioning access to a third-party, ByteChek connects to your Azure subscription using an the application registration process. Connecting ByteChek to your Azure subscription establishes a trust relationship between your application and the Microsoft identity platform. Registering your application establishes a trust relationship between your app and the Microsoft identity platform.
We recommend you provision the ByteChek application read only access to the Microsoft Graph and also the Azure 'Reader' role when provisioning ByteChek IAM access to your Azure subscription.
As a reminder, the ByteChek platform will only have permissions explicitly granted by your organization.